Easy Chat Server 3.1 contains a denial of service vulnerability that allows remote attackers to crash the application by sending oversized data in the message parameter. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
EquityPandit 1.0 contains an insecure logging vulnerability that allows attackers to capture sensitive user credentials by accessing developer console logs via Android Debug Bridge. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Axessh 4.2 contains a stack-based buffer overflow vulnerability in the log file name field that allows local attackers to execute arbitrary code by supplying an excessively long filename.
FTP Shell Server 6.83 contains a buffer overflow vulnerability in the 'Account name to ban' field that allows local attackers to execute arbitrary code by supplying a crafted string. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Lavavo CD Ripper 4.20 contains a structured exception handling (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Activation Name field.
MiniFtp contains a buffer overflow vulnerability in the parseconf_load_setting function that allows local attackers to execute arbitrary code by supplying oversized configuration values.
JetAudio jetCast Server 2.0 contains a stack-based buffer overflow vulnerability in the Log Directory configuration field that allows local attackers to overwrite structured exception handling pointers.
DVDXPlayer Pro 5.5 contains a local buffer overflow vulnerability with structured exception handling that allows local attackers to execute arbitrary code by crafting malicious playlist files.
TuneClone 2.20 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license code string.
Iperius Backup 6.1.0 contains a privilege escalation vulnerability that allows low-privilege users to execute arbitrary programs with elevated privileges by creating backup jobs.
Admin Express 1.2.5.485 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an alphanumeric encoded payload in the Folder Path field.
OS command injection in Linksys MR9600 mesh router firmware 2.0.6.206937 allows authenticated remote attackers to execute arbitrary system commands with router privileges via crafted Smart Connect configuration parameters. The vulnerability exists in the SmartConnect.lua file's smartConnectConfigure function, which fails to sanitize user input in configApSsid, configApPassphrase, srpLogin, and srpPassword arguments before passing them to system commands. Publicly available exploit code exists (GitHub POC), but EPSS indicates low (0.15%) exploitation probability and CISA has not listed this in KEV, suggesting limited real-world targeting. Vendor (Linksys) did not respond to researcher disclosure.
Stack-based buffer overflow in Tenda F453 firmware version 1.0.0.3 allows remote attackers to achieve complete system compromise through manipulation of the page parameter in the VirtualSer handler. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with network access can execute arbitrary code with high impact on confidentiality, integrity, and availability.
Tenda F453 version 1.0.0.3 contains a stack-based buffer overflow in the SafeClientFilter parameter handler that allows authenticated remote attackers to execute arbitrary code by manipulating the manufacturer/Go argument. Public exploit code exists for this vulnerability and no patch is currently available, creating significant risk for affected deployments.
Stack-based buffer overflow in Tenda FH451 1.0.0.9 allows authenticated remote attackers to achieve complete system compromise through crafted input to the WrlclientSet endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw enables attackers with valid credentials to execute arbitrary code with full system privileges.
Stack overflow in Tenda FH451 firmware version 1.0.0.9 allows authenticated remote attackers to execute arbitrary code through improper input validation in the WrlExtraSet function. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw requires network access and valid credentials but can completely compromise the affected device's confidentiality, integrity, and availability.
Remote code execution in D-Link DIR-513 1.10 through stack-based buffer overflow in the /goform/formEasySetTimezone endpoint allows authenticated attackers to achieve full system compromise. Public exploit code exists for this vulnerability, and affected devices are no longer receiving security updates from the vendor. An attacker with valid credentials can exploit this remotely without user interaction to execute arbitrary commands with system privileges.
Tenda F453 1.0.0.3 contains a stack-based buffer overflow in the Natlimit parameter handler that allows authenticated remote attackers to achieve full system compromise through a malicious page argument. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with network access and valid credentials can trigger the overflow to execute arbitrary code with high integrity and confidentiality impact.
NetNumber Titan Master 7.9.1 contains a path traversal vulnerability in the drp endpoint that allows authenticated users to download arbitrary files by injecting directory traversal sequences.
UltraVNC Viewer 1.2.2.4 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized string to the VNC Server input field.
The Ultimate WordPress Toolkit - WP Extended plugin for WordPress contains a privilege escalation vulnerability affecting all versions up to and including 3.2.4. Authenticated attackers with Subscriber-level access can exploit an insecure URL check to gain administrative capabilities, enabling them to modify WordPress options and create new administrator accounts. This is a critical vulnerability with a CVSS score of 8.8, requiring low attack complexity and no user interaction.
A time-based SQL injection vulnerability exists in the WP Maps - Store Locator plugin for WordPress through version 4.9.1, allowing unauthenticated attackers to extract sensitive database information via the insufficiently sanitized 'orderby' parameter. With a CVSS score of 7.5 (High), this vulnerability requires no privileges or user interaction and can be exploited remotely over the network. No KEV listing or EPSS data is provided, but the vulnerability has been publicly disclosed by Wordfence with technical details and code references available.
DLL hijacking in Flos Freeware Notepad2 4.2.25 enables local privilege escalation when an attacker with low-privilege access can place a malicious TextShaping.dll in the application's search path, achieving high confidentiality, integrity, and availability impact. Exploitation requires high attack complexity and is considered difficult per vendor assessment. No public exploit identified at time of analysis, with EPSS score of 0.01% indicating minimal observed exploitation activity. Vendor unresponsive to disclosure, leaving patch status uncertain.
DLL hijacking in Notepad2 4.2.25 allows local attackers with low privileges to achieve code execution by exploiting an uncontrolled search path vulnerability in PROPSYS.dll loading. The attack vector requires local access with high complexity (CVSS 7.3, CVSS v4.0), classified as difficult to exploit by the reporting source (VulDB). EPSS score of 0.01% (1st percentile) indicates minimal observed exploitation activity, and no active exploitation or public POC has been confirmed. Vendor (Flos Freeware) did not respond to coordinated disclosure, leaving patch status uncertain.